plan-515372324.xlsb

General
Target

plan-515372324.xlsb

Size

155KB

Sample

210629-ya5cdesfp2

Score
10 /10
MD5

08e52afbefa423fb9f1ea0af88a4880e

SHA1

2d688dfee28f75553bc1d3633f891d2e70e0408b

SHA256

aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd

SHA512

7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8

Malware Config

Extracted

Language xlm4.0
Source
URLs
xlm40.dropper

https://khangland.pro/v8gEDeSB/sun.html

xlm40.dropper

https://jaipurbynite.com/stLdQs9R53/sun.htm

Targets
Target

plan-515372324.xlsb

MD5

08e52afbefa423fb9f1ea0af88a4880e

Filesize

155KB

Score
10 /10
SHA1

2d688dfee28f75553bc1d3633f891d2e70e0408b

SHA256

aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd

SHA512

7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8

Signatures

  • Process spawned unexpected child process

    Description

    This typically indicates the parent process was compromised via an exploit or macro.

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Persistence
                    Privilege Escalation
                      Tasks

                      static1

                      8/10

                      behavioral1

                      10/10

                      behavioral2

                      10/10